44 applicants

Company

Stripe · 1 day ago

Offensive Security Engineer

Remote, US

Full-time

Remote

Senior Level

5+ years exp

Maximize your interview chances

FinanceFinTech

Comp. & Benefits

H1B Sponsor Likely

Insider Connection @Stripe

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Conduct complex offensive security assessments across a variety of environments, including on-premise, cloud, and mobile applications.

Develop scripts and tools to automate offensive security assessments

Provide technical expertise in areas such as network protocols, operating systems, and web application security.

Work closely with other members of the Stripe security team to identify and mitigate security risks and vulnerabilities.

Lead offensive security projects and mentor junior team members.

Produce clear and concise reports testing plans, engagement models, findings, risks, and recommendations for remediation

Keep up-to-date with the latest security threats, vulnerabilities, and attack methods.

Act as the subject-matter expert and primary contact for stakeholder teams invested in offensive security programs and Stripe-wide security initiatives

Collaborate effectively with teammates, leading projects, mentoring others, and developing and championing quality standards within the team

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Offensive securityWeb application securityCloud computing AWSCloud computing AzureCloud computing GCPPythonSQLLog analysisThreat intelligenceDigital forensicsData analysis toolsOpen-source frameworksNetwork observabilityTechnical writing

Required

5+ years experience in offensive security or related field

B.S. or M.S. Computer Science or related field, or equivalent experience

Proven knowledge of web application security, including vulnerabilities such as OWASP Top10

Experience with cloud computing platforms such as AWS, Azure, or Google Cloud Platform

Knowledge of Python and SQL, and familiarity with other programming languages

Ability to analyze and interpret application logs to identify and investigate potential security incidents

Excellent written and verbal communication skills, including the ability to produce clear and concise reports

Ability to think creatively and holistically about identifying risk in a complex environment

Preferred

Experience in conducting offensive security activities in the fintech or financial sectors

An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors.

Experience partnering with threat intelligence and incident response teams to perform log analysis, digital forensics, and incident response investigations

Experience with engineering, data processing and analysis tools (e.g. Databricks, Trino, etc.)

Familiarity with common open-source frameworks for big data processing and/or data science (PySpark, Pandas, Sci-kit Learn, etc.)

Experience with tactical threat intelligence and/or hunting for sophisticated threat actors in an enterprise environment

Familiarity with network observability, security software, or data engineering solutions (osquery, Splunk, etc.)

Company

Stripe

Glassdoor

3.6

Stripe is an API technology company that provides online payment processing and commerce solutions for Internet businesses.

Founded in 2010

South San Francisco, California, USA

1001-5000 employees

https://www.stripe.com

H1B Sponsorship

Stripe has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (109)

2022 (300)

2021 (348)

2020 (121)